I don't know where you're getting the contents of $adt_h_date, but did you read the section on placeholders from the DBI docs? You want to use placeholders to protect against SQL injection. I'd suggest looking this up in the documentation.